Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/kHvdHS2iwnVTVSTKqJoLp3KPKgM.roa
File: kHvdHS2iwnVTVSTKqJoLp3KPKgM.roa (raw, json)
Hash identifier: cbYHrrgEtnc8RPpj0al2xTuabhF+Geweca5yAxbEWBg=
Subject key identifier: 90:7B:DD:1D:2D:A2:C2:75:53:55:24:CA:A8:9A:0B:A7:72:8F:2A:03
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 082D256E
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/kHvdHS2iwnVTVSTKqJoLp3KPKgM.roa
Signing time: Sat 09 Apr 2022 10:38:17 +0000
ROA not before: Sat 09 Apr 2022 10:38:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.106.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.147.46.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
45.136.6.0/24 maxlen: 24
45.136.7.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137176430 (0x82d256e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Apr 9 10:38:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=907bdd1d2da2c275535524caa89a0ba7728f2a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:dd:a5:3e:4b:9d:82:76:7a:c3:c0:90:b7:0b:
ba:2f:6c:0a:48:57:d9:1e:a5:fe:4a:0a:b4:44:59:
0e:21:9f:b5:d9:86:fa:dd:ae:e5:8a:da:a0:2b:16:
57:fb:31:37:aa:e4:05:ab:8a:d4:a6:74:ee:ee:ee:
5f:90:8c:00:c8:50:57:c2:17:9f:9f:7f:f3:16:89:
1e:e8:7f:e0:d1:b2:fa:cb:a1:4d:6c:e1:aa:52:6c:
7a:2b:d5:f4:52:c4:bd:d5:54:5e:dc:d3:02:ad:3a:
1e:2d:79:e1:17:ed:00:e7:70:57:a5:ac:f8:c7:fc:
77:3f:0d:43:f1:e6:ab:26:d1:46:3a:9a:66:81:ea:
3c:d8:66:68:da:b2:4c:ac:4a:f6:cd:59:88:85:0d:
fc:f0:4d:bd:26:00:d4:b4:ca:66:52:2b:9e:f0:aa:
c7:1c:2f:77:10:9a:dd:58:21:ba:a6:43:80:b1:e5:
48:3f:d0:bd:81:80:d9:5b:6a:85:b8:42:99:b5:25:
7c:a0:b9:85:b9:35:bf:d4:8b:9d:30:ba:aa:7b:76:
0a:d1:6c:87:ce:ee:1b:f0:6b:7a:10:10:af:83:88:
19:9b:9e:98:17:e4:af:cb:03:3d:4a:fb:b3:be:87:
50:32:94:47:1d:ab:ea:b8:b5:b1:6a:53:c8:9b:30:
43:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7B:DD:1D:2D:A2:C2:75:53:55:24:CA:A8:9A:0B:A7:72:8F:2A:03
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/kHvdHS2iwnVTVSTKqJoLp3KPKgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.106.0/24
45.131.0.0/24
45.131.2.0/24
45.136.6.0/23
45.141.148.0/24
45.141.150.0/24
45.147.46.0/24
77.83.200.0/22
194.116.229.0/24
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
Signature Algorithm: sha256WithRSAEncryption
22:db:95:74:8e:c8:26:8b:3b:2b:44:e7:3a:12:af:3a:ee:21:
93:a5:65:79:14:ca:44:3a:62:3b:85:5c:88:ad:e5:9f:95:79:
cf:18:2d:f4:7a:5f:a6:8e:dd:e0:dc:2a:d3:dc:35:87:14:52:
02:7c:5f:70:20:d8:29:c9:4d:a0:fa:00:56:17:db:30:d9:b7:
41:6a:b0:2d:5c:2d:6b:b4:92:c9:cd:61:82:3a:ce:41:60:3e:
7a:17:eb:67:82:ea:d8:63:3b:b9:cf:f1:35:f4:91:fd:2a:be:
5d:bb:bf:48:e2:95:54:2d:35:c5:14:b7:64:0b:f0:78:0c:32:
11:04:f8:ac:12:74:dd:e4:9d:e0:b2:f7:0d:ed:9a:09:b7:17:
41:7f:ca:40:ad:b2:7f:c6:b3:a5:ee:3c:27:67:85:5e:ba:93:
e9:4e:3a:80:c7:42:b6:2d:81:f8:2e:98:64:b5:52:6c:f3:67:
26:8f:46:0a:ea:c2:bc:af:dd:08:27:dc:c8:17:0c:aa:82:87:
be:8c:29:40:7b:49:28:65:be:d0:50:fc:f7:62:ae:74:a0:47:
49:f3:c7:16:19:26:c5:0a:9b:1f:69:50:f5:22:63:25:b4:ed:
fd:39:8e:08:42:d1:2e:b2:9e:b5:41:66:2a:af:3d:39:41:ae:
6d:46:d2:62
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIECC0lbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODA1ZjE3YzJkNzEzM2QyZGFkM2E4ZGY3ZTM1MzE1ZTM3ZWY1ZGFmMB4XDTIyMDQw
OTEwMzgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA3YmRkMWQyZGEy
YzI3NTUzNTUyNGNhYTg5YTBiYTc3MjhmMmEwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXdpT5LnYJ2esPAkLcLui9sCkhX2R6l/koKtERZDiGftdmG
+t2u5YraoCsWV/sxN6rkBauK1KZ07u7uX5CMAMhQV8IXn59/8xaJHuh/4NGy+suh
TWzhqlJseivV9FLEvdVUXtzTAq06Hi154RftAOdwV6Ws+Mf8dz8NQ/HmqybRRjqa
ZoHqPNhmaNqyTKxK9s1ZiIUN/PBNvSYA1LTKZlIrnvCqxxwvdxCa3VghuqZDgLHl
SD/QvYGA2VtqhbhCmbUlfKC5hbk1v9SLnTC6qnt2CtFsh87uG/BrehAQr4OIGZue
mBfkr8sDPUr7s76HUDKURx2r6ri1sWpTyJswQzkCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBSQe90dLaLCdVNVJMqomgunco8qAzAfBgNVHSMEGDAWgBRIBfF8LXEz0trT
qN9+NTFeN+9drzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NBWHhmQzF4TTlMYTA2amZmalV4WGpmdlhhOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvOGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8x
L2tIdmRIUzJpd25WVFZTVEtxSm9McDNLUEtnTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
OGUwN2RkLTRmZTUtNDgyMC1iY2JlLTVkZDZlMjJlYmFiMC8xL1NBWHhmQzF4TTlM
YTA2amZmalV4WGpmdlhhOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAAW0agMEAC2DAAMEAC2DAgMEAS2I
BgMEAC2NlAMEAC2NlgMEAC2TLgMEAk1TyAMEAMJ05QMEAcJ07AMEAMKSJAMEAMKS
LzANBAIAAjAHAwUDKgmHgDANBgkqhkiG9w0BAQsFAAOCAQEAItuVdI7IJos7K0Tn
OhKvOu4hk6VleRTKRDpiO4VciK3ln5V5zxgt9Hpfpo7d4Nwq09w1hxRSAnxfcCDY
KclNoPoAVhfbMNm3QWqwLVwta7SSyc1hgjrOQWA+ehfrZ4Lq2GM7uc/xNfSR/Sq+
Xbu/SOKVVC01xRS3ZAvweAwyEQT4rBJ03eSd4LL3De2aCbcXQX/KQK2yf8azpe48
J2eFXrqT6U46gMdCti2B+C6YZLVSbPNnJo9GCurCvK/dCCfcyBcMqoKHvowpQHtJ
KGW+0FD892KudKBHSfPHFhkmxQqbH2lQ9SJjJbTt/TmOCELRLrKetUFmKq89OUGu
bUbSYg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:34 2025 by rpki-client